Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #90032 > unrolled thread

Encrypt python files

Back to article view | Back to comp.lang.python

Contents

  Encrypt python files Palpandi <palpandi111@gmail.com> - 2015-05-05 23:37 -0700
    Re: Encrypt python files Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-05-06 16:47 +1000
    Re: Encrypt python files David Palao <dpalao.python@gmail.com> - 2015-05-06 08:49 +0200
    Re: Encrypt python files Palpandi <palpandi111@gmail.com> - 2015-05-06 00:23 -0700
      DRM is self-defeating (was: Encrypt python files) Ben Finney <ben+python@benfinney.id.au> - 2015-05-06 17:41 +1000
      Re: DRM is self-defeating (was: Encrypt python files) Chris Angelico <rosuav@gmail.com> - 2015-05-06 18:00 +1000
      Re: Encrypt python files Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-05-06 19:04 +1000
      Re: Encrypt python files Emile van Sebille <emile@fenx.com> - 2015-05-06 14:28 -0700
      Re: Encrypt python files Denis McMahon <denismfmcmahon@gmail.com> - 2015-05-08 10:59 +0000
        Re: Encrypt python files Dave Angel <davea@davea.name> - 2015-05-08 08:13 -0400
          (OT) Re: Encrypt python files Gregory Ewing <greg.ewing@canterbury.ac.nz> - 2015-05-09 13:03 +1200
            Re: (OT) Re: Encrypt python files Chris Angelico <rosuav@gmail.com> - 2015-05-09 12:02 +1000
        Re: Encrypt python files BartC <bc@freeuk.com> - 2015-05-13 14:48 +0100
    Re: Encrypt python files Denis McMahon <denismfmcmahon@gmail.com> - 2015-05-08 10:51 +0000
    Re: Encrypt python files "M.-A. Lemburg" <mal@egenix.com> - 2015-05-13 15:11 +0200

#90032 — Encrypt python files

Hi,

What are the ways to encrypt python files?

[toc] | [next] | [standalone]

#90033

On Wednesday 06 May 2015 16:37, Palpandi wrote:

> Hi,
> 
> What are the ways to encrypt python files?

The same as the ways to encrypt any other file. Your encryption program 
shouldn't care whether you are encrypting text files, JPEGs, mp3 audio 
files, executable binary code, Python scripts, or a giant file of all ASCII 
nulls. It will just encrypt the file regardless of what kind of file it is.

What encryption program are you using?



-- 
Steve

[toc] | [prev] | [next] | [standalone]

#90034

Hello,
I'm afraid your question is either not well defined (or not well
enough) or wrong for this list, at least as I understand it.
Could you please explain it better?

Best

2015-05-06 8:37 GMT+02:00 Palpandi <palpandi111@gmail.com>:
> Hi,
>
> What are the ways to encrypt python files?
> --
> https://mail.python.org/mailman/listinfo/python-list

[toc] | [prev] | [next] | [standalone]

#90037

On Wednesday, May 6, 2015 at 12:07:13 PM UTC+5:30, Palpandi wrote:
> Hi,
> 
> What are the ways to encrypt python files?

No, I just want to hide the scripts from others.

[toc] | [prev] | [next] | [standalone]

#90038 — DRM is self-defeating (was: Encrypt python files)

Palpandi <palpandi111@gmail.com> writes:

> On Wednesday, May 6, 2015 at 12:07:13 PM UTC+5:30, Palpandi wrote:

> > What are the ways to encrypt python files?
>
> No, I just want to hide the scripts from others.

Which others? You can hide the scripts from them by never showing those
others the scripts. If you don't trust a recipient, don't let them
receive the file.

I suspect you are asking “how can I distribute Python modules to people
without those people being able to read them”? You can't, because
executing the file requires reading its contents.

Anyone who has a machine that can execute the file has a machine that
must, by necessity, read its contents.


This is the dilemma of those who think they want Digital Restrictions
Management (DRM): attempting to treat recipients as untrustworthy, while
still telling them they can use the files.

If you a person is in possession of the file you're trying to restrict,
on a machine they possess, with a key needed to unlock the content, then
that person is in possession of everything needed to unlock the content.

On the other hand, if one of those (e.g. the key to unlock the content)
is missing, then the file is useless for whatever you're saying the
recipient can do with it.

The only feasible solution is to distribute files only to those
recipients you want to have them, and can trust to do with them as you
ask. If you don't trust a recipient, don't hand the files to them.


On the other hand, if you're asking something else, you will need to be
much more explicit. You have not helped us understand what you want thus
far.

-- 
 \        “This sentence contradicts itself — no actually it doesn't.” |
  `\                                               —Douglas Hofstadter |
_o__)                                                                  |
Ben Finney

[toc] | [prev] | [next] | [standalone]

#90039 — Re: DRM is self-defeating (was: Encrypt python files)

On Wed, May 6, 2015 at 5:41 PM, Ben Finney <ben+python@benfinney.id.au> wrote:
> The only feasible solution is to distribute files only to those
> recipients you want to have them, and can trust to do with them as you
> ask. If you don't trust a recipient, don't hand the files to them.

in today's world, that basically gives two good options:

1) Distribute your code far and wide, let every man and his dog clone
your source code, and license it so they're allowed to; or
2) Host your code on a server that people don't get access to, and
have them interact with it remotely.

Either way works really well. You can have closed-source software that
people never directly see, yet benefit from (and potentially pay you),
or you can let people see everything they're running. The problem only
comes when you try to hybridize.

(Aside: Most people carry mobile phones they don't truly own/control,
so they're restricted by what the device manufacturer offers them.
Despite looking superficially like the first case, it's really more
like the second.)

ChrisA

[toc] | [prev] | [next] | [standalone]

#90042

On Wednesday 06 May 2015 17:23, Palpandi wrote:

> On Wednesday, May 6, 2015 at 12:07:13 PM UTC+5:30, Palpandi wrote:
>> Hi,
>> 
>> What are the ways to encrypt python files?
> 
> No, I just want to hide the scripts from others.

Why, are you ashamed of your code?

Python is free, open source software. Hiding the code from others is not a 
priority for the developers of the language. Besides, you can't hide the 
code unless you only operate the application via a web service, or similar. 
As soon as you give people a copy of the code, whether it is binary code or 
source code, they have a copy of it and can look at it and work out how what 
it does.

If "hiding the code" was good for security, why are there so many viruses 
and spybots and worms and other malware for Windows?

No, as far as I am concerned, trying to hide the code is a waste of time 
with Python. But if you absolutely must, you can distribute the .pyc files 
instead of the .py files, and that will discourage casual tinkerers from 
poking around in the program. The .pyc file is compiled to byte-code rather 
than source code, so it's not readable without running it through a 
decompiler.


-- 
Steve

[toc] | [prev] | [next] | [standalone]

#90076

On 5/6/2015 12:23 AM, Palpandi wrote:
> On Wednesday, May 6, 2015 at 12:07:13 PM UTC+5:30, Palpandi wrote:
>> Hi,
>>
>> What are the ways to encrypt python files?
>
> No, I just want to hide the scripts from others.
>

See http://stackoverflow.com/questions/261638/how-do-i-protect-python-code

Emile

[toc] | [prev] | [next] | [standalone]

#90142

On Wed, 06 May 2015 00:23:39 -0700, Palpandi wrote:

> On Wednesday, May 6, 2015 at 12:07:13 PM UTC+5:30, Palpandi wrote:
>> Hi,
>> 
>> What are the ways to encrypt python files?
> 
> No, I just want to hide the scripts from others.

You can do that by deleting the scripts. Make sure you use a secure 
deletion tool.

I'm not aware of any mechanism for encrypted executable python scripts. 
You can obfuscate the code, but you can't encrypt it because the python 
interpreter needs the script file to execute it.

The same holds true for any mechanism designed to encrypt executable code 
regardless of whether it's script or compiled. At the lowest level the 
processor only understands the instruction set, and encrypted code has to 
be decrypted to execute.

As the decryption method is always available to anyone who has legitimate 
access to execute the code, it's impossible to hide the code at that 
point.

Example - if I give you an encrypted binary to run on your system, it 
either has to be unencryptable using tools you already have, or using a 
built in unencrypter, both of which you have access to and can use to 
unencrypt the encrypted executable code.

-- 
Denis McMahon, denismfmcmahon@gmail.com

[toc] | [prev] | [next] | [standalone]

#90153

On 05/08/2015 06:59 AM, Denis McMahon wrote:
> On Wed, 06 May 2015 00:23:39 -0700, Palpandi wrote:
>
>> On Wednesday, May 6, 2015 at 12:07:13 PM UTC+5:30, Palpandi wrote:
>>> Hi,
>>>
>>> What are the ways to encrypt python files?
>>
>> No, I just want to hide the scripts from others.
>
> You can do that by deleting the scripts. Make sure you use a secure
> deletion tool.
>
> I'm not aware of any mechanism for encrypted executable python scripts.
> You can obfuscate the code, but you can't encrypt it because the python
> interpreter needs the script file to execute it.
>
> The same holds true for any mechanism designed to encrypt executable code
> regardless of whether it's script or compiled. At the lowest level the
> processor only understands the instruction set, and encrypted code has to
> be decrypted to execute.
>
> As the decryption method is always available to anyone who has legitimate
> access to execute the code, it's impossible to hide the code at that
> point.
>
> Example - if I give you an encrypted binary to run on your system, it
> either has to be unencryptable

It'd be clearer if you used  decryptable, since unencryptable has a very 
different meaning.

http://en.wiktionary.org/wiki/unencryptable


> using tools you already have, or using a
> built in unencrypter, both of which you have access to and can use to
> unencrypt the encrypted executable code.
>

likewise decrypter and decrypt.

-- 
DaveA

[toc] | [prev] | [next] | [standalone]

#90202 — (OT) Re: Encrypt python files

Dave Angel wrote:
> It'd be clearer if you used  decryptable, since unencryptable has a very 
> different meaning.
> 
> http://en.wiktionary.org/wiki/unencryptable

The meaning is clear, but does that word have a use?
What could a piece of unencryptable data possibly
be like?

-- 
Greg

[toc] | [prev] | [next] | [standalone]

#90204 — Re: (OT) Re: Encrypt python files

On Sat, May 9, 2015 at 11:03 AM, Gregory Ewing
<greg.ewing@canterbury.ac.nz> wrote:
> Dave Angel wrote:
>>
>> It'd be clearer if you used  decryptable, since unencryptable has a very
>> different meaning.
>>
>> http://en.wiktionary.org/wiki/unencryptable
>
>
> The meaning is clear, but does that word have a use?
> What could a piece of unencryptable data possibly
> be like?

When you make an HTTPS request to a remote server, both your IP and
the server's are unencryptable; anyone in the middle can see who is
talking to whom.

ChrisA

[toc] | [prev] | [next] | [standalone]

#90547

On 08/05/2015 11:59, Denis McMahon wrote:
> On Wed, 06 May 2015 00:23:39 -0700, Palpandi wrote:

>> No, I just want to hide the scripts from others.

> As the decryption method is always available to anyone who has legitimate
> access to execute the code, it's impossible to hide the code at that
> point.

Execute yes, but not necessarily allow access to the source if that is 
the problem.

> Example - if I give you an encrypted binary to run on your system, it
> either has to be unencryptable using tools you already have, or using a
> built in unencrypter, both of which you have access to and can use to
> unencrypt the encrypted executable code.

It can certainly be made harder than simply distributing source code. By 
using a proprietary byte-code for example, or code designed to run on 
some virtual machine. The tools run execute it will need to be provided, 
but that's a long way from being able to reconstruct source code (and if 
that was achieved, you would likely end up with some source code that 
corresponds to the interpreter, not the application).

But it depends on what secrets the OP is trying to hide. Just proving 
.pyc files might be enough, and is minimal inconvenience to the user.

-- 
Bartc

[toc] | [prev] | [next] | [standalone]

#90140

On Tue, 05 May 2015 23:37:02 -0700, Palpandi wrote:

> What are the ways to encrypt python files?

Depends why you want to encrypt them, and what you want to do with the 
encrypted files.

Do you mean executable python code files, or do you mean data files 
generated by python.

-- 
Denis McMahon, denismfmcmahon@gmail.com

[toc] | [prev] | [next] | [standalone]

#90545

On 06.05.2015 08:37, Palpandi wrote:
> Hi,
> 
> What are the ways to encrypt python files?

This talk shows some usable ways of doing that:

https://www.youtube.com/watch?v=tKXpMVQIH2Y&index=92&list=PL8uoeex94UhEomMao7wuOrOGuj3jxJYlz

-- 
Marc-Andre Lemburg
eGenix.com

Professional Python Services directly from the Source  (#1, May 13 2015)
>>> Python Projects, Coaching and Consulting ...  http://www.egenix.com/
>>> mxODBC Plone/Zope Database Adapter ...       http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
________________________________________________________________________
2015-05-13: Released mxODBC Connect 2.1.3 ...     http://egenix.com/go75
2015-05-11: Released eGenix PyRun 2.1.0 ...       http://egenix.com/go74
2015-05-25: PyWaw Summit 2015, Warsaw, Poland ...          12 days to go

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611
               http://www.egenix.com/company/contact/

[toc] | [prev] | [standalone]

Back to top | Article view | comp.lang.python

csiph-web